Cybersecurity
CoPilot Texas-based Texas Patients Just Informed of 2015 Breach

CoPilot Texas-based Texas Patients Just Informed of 2015 Breach

Texas orthopedic clinic CoPilot are just now informing their patients that their protected health information may have been exposed in a 2015 CoPilot data breach. In October 2015, an online portal managed by CoPilot Provider Support Services was accessed by an...

PeaceHealth: Former Employee Accessed Private Data for Over Six Years

PeaceHealth: Former Employee Accessed Private Data for Over Six Years

A Catholic health system based in Vancouver, WA PeaceHealth, has revealed discovered that a former member of staff had accessed the medical history of almost 2,000 patients without any an adequate work reason. The unauthorized and inappropriate access was found by...

Dark OverLord Group Attacked SMART Physical Therapy

Dark OverLord Group Attacked SMART Physical Therapy

Hacking group TheDarkOverlord, after an apparent period of inactivity,  has claimed responsibility for another successful attack on a U.S. healthcare supplier. This time the victim was Mass-based SMART Physical Therapy (SMART PT). The announcement of the data theft...

Huge HIPAA Settlement Due to Unencrypted Data on Laptop

Huge HIPAA Settlement Due to Unencrypted Data on Laptop

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has just received a joint settlement of $1,975,220 for the potential breaches of HIPAA arising following the theft of a laptop storing unencrypted ePHI data. The failure to adhere to the...

AETNA Facing Legal Action for Patient HIV Status Breach

AETNA Facing Legal Action for Patient HIV Status Breach

Aetna is facing a class action lawsuit following a privacy breach that saw the HIV positive status of up to 12,000 individuals disclosed against the patients' wishes.  The individuals names and addresses were visible during a recent mail distribution when details of...

Hurricane Harvey Disaster Zone Partial Waiver Issued by HHS

Hurricane Harvey Disaster Zone Partial Waiver Issued by HHS

  In a release yesterday, HHS Secretary Tom Price stated that OCR will waive sanctions and financial penalties for specific Privacy Rule violations against hospitals in the Hurricane Harvey disaster area. This waiver is only applicable to the provisions of the...

Industry Leaders Declare Support for Medical Device Cybersecurity Act

Industry Leaders Declare Support for Medical Device Cybersecurity Act

The Medical Device Cybersecurity Act introduced by Connecticut Senator Richard Blumenthal last week is intended to improve the security of medical devices by making it harder for the devices to be hacked. If the legislation is passed, medical device manufacturers will...

Only 5% of Healthcare Organizations Use Risk Management Software

Only 5% of Healthcare Organizations Use Risk Management Software

A recent survey conducted by risk management software vendor Netwrix has revealed only 5% of healthcare organizations are using software for risk management and security governance. Additionally, only 32% of healthcare organizations said they had a separate...

OCR Warns of Risks from Cloud Computing and File Sharing Tools

OCR Warns of Risks from Cloud Computing and File Sharing Tools

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a reminder to all covered entities and business associates of the possible risks associated with file sharing and collaboration tools, outlining the dangers these services can...

The 2016 Cost of Data Breach Study: A Summary

The 2016 Cost of Data Breach Study: A Summary

The Ponemon Institute has conducted an annual benchmark study on the cost of data breaches for the last decade. Their 2016 Cost of Data Breach Study was published by the Institute earlier this week. The overall report shows the cost of breach resolution has continued...

Summary of Healthcare Data Breaches in 2016

Summary of Healthcare Data Breaches in 2016

Although the total number of healthcare data breaches reported in 2016 is an order of magnitude lower than the number seen in 2015, there was a significant increase in the number of covered entities (CEs) that reported breaches. There were 16,471,765 recorded breaches...

33% of Hospitals Do Not Have HIPAA-Compliant EHR Contingency Plans

33% of Hospitals Do Not Have HIPAA-Compliant EHR Contingency Plans

In a recent report released by the Department of Health and Human Services’ Office of Inspector General, a third of hospitals do not have sufficient HIPAA-compliant EHR contingency plans in place, although the majority are “largely addressing” HIPAA requirements for...

June 2016 Sees Massive Healthcare Data Breach

June 2016 Sees Massive Healthcare Data Breach

In recent years, there has been a substantial increase in the number of cyberattacks on healthcare organizations with the aim of obtaining PHI. It has proven profitable for hackers to conduct attacks on healthcare organizations and sell the data on the black...

Snapchat Video Posting Gets Nursing Assistant Fired

Snapchat Video Posting Gets Nursing Assistant Fired

A nursing assistant from the Parkside Manor assisted-living center in Kenosha, WI., has been fired from her job for recording a video of a practically naked 93-year-old Alzheimer’s patient and sharing it on Snapchat. Recently an unwelcome trend has emerged involving...

Improper PHI Disposal Leads Allina Health System to Alert 6,000

Improper PHI Disposal Leads Allina Health System to Alert 6,000

The Allina Health System Minneapolis Isles clinic has notified around 6,000 patients of a breach of their Protected Health Information (PHI). The clinic, located at 2800 Hennepin Avenue, found instances of improper PHI disposal had occurred after documents including...

Lahey Hospital Reach Settlement with OCR

Lahey Hospital Reach Settlement with OCR

Following a data breach that occurred back in 2011, the HHS has revealed that Lahey Hospital and Medical Center has agreed to settle a case with the Office for Civil Rights (OCR) over alleged HIPAA violations for $850,000. Lahey Hospital and Medical Center has agreed...

Conn. OIG Reaches $90K Settlement over 2012 Laptop Theft

Conn. OIG Reaches $90K Settlement over 2012 Laptop Theft

Following the 2012 theft of a laptop computer containing the unencrypted data of 8,883 Connecticut residents, Hartford Hospital - and one of its Business Associates, EMC Corporation (EMC) - have agreed to a settlement with the Connecticut Office of the Inspector...

Small Dental Practices HIPAA Compliance Tool Released

Small Dental Practices HIPAA Compliance Tool Released

Being compliant with HIPAA Privacy and Security Rules can be a challenge for all organizations, regardless of size. However, smaller healthcare providers tend to have more issues. Budgets tend to be tighter, and a lack of suitable staff means progress is slow. This...

Lack of Skilled Staff Means Cybersecurity Services are Being Outsourced

Lack of Skilled Staff Means Cybersecurity Services are Being Outsourced

A lack of a appropriate workforce with appropriate skills to improve cybersecurity defenses is leading many CISOs and CIOs to look outside their organizations for assistance. Businesses and healthcare suppliers are now increasingly hiring third party consultants and...

23rd National HIPAA Summit Next Week

23rd National HIPAA Summit Next Week

Government department heads and industry leaders will be attending the 23rd National HIPAA Summit to give updates on the work that has been completed in the last year and to provide information on new legislation and regulations. The summit also offers the chance for...

Legislative Changes Covering Big Data Proposed by Federal Advisers

Legislative Changes Covering Big Data Proposed by Federal Advisers

The Health IT Policy Committee’s Privacy and Security Workgroup has been reviewing a number of Big Data issues affecting the privacy and security of patients after two public hearings conducted by the organization in December 2014. The focus the working group to make...

Free Healthcare Communications Webinar to be Presented by TigerText

Free Healthcare Communications Webinar to be Presented by TigerText

TigerText has revealed it will be presenting a free healthcare communications webinar in which former HHS regulator Adam Greene will be speaking about best practices for introducing a HIPAA-compliant mobile communications strategy. “Ask the Experts: Tips for a HIPAA...

Report Reveals Biggest Causes of PHI Exposure

Report Reveals Biggest Causes of PHI Exposure

Veriphyr Identity and Access Intelligence has recently published a report into what causes the greatest threat to exposure of Protected Health Information (PHI). The study found that the theft of mobile devices may result in the largest exposures of PHI, however, the...

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

COMPREHENSIVE HIPAA TRAINING

Please enable JavaScript in your browser to complete this form.

Privacy is key to everything that we do at J Flowers Health Institute. We require the highest data privacy standards in our daily operations between our team members and patients. The HIPAA compliance and cyber security training we provide to our teams with ComplianceJunction creates enormous value for our organization.

Kevin DeLoach

Chief Operating Officer
J. Flowers Health Institute